3.1.4.8 RRPC_FWDeleteFirewallRule (Opnum 7)

Article
09/26/2024

The RRPC_FWDeleteFirewallRule method requests the server to delete the specified firewall rule in the policy contained in the policy store referenced by the handle specified in the hPolicyStore parameter.

 unsigned long RRPC_FWDeleteFirewallRule(
   [in] FW_CONN_HANDLE rpcConnHandle,
   [in] FW_POLICY_STORE_HANDLE hPolicyStore,
   [in, string, ref] const wchar_t* wszRuleID
 );

rpcConnHandle: This parameter is an RPC binding handle that connects to the RPC interface of the Firewall and Advanced Security Protocol.

hPolicyStore: This input parameter is an FW_POLICY_STORE_HANDLE data type. The data type MUST contain an opened policy store handle, successfully opened with the RRPC_FWOpenPolicyStore (Opnum 0) method. The handle MUST have read/write access rights.

wszRuleID: This parameter is the pointer to a string that is the ID of the firewall rule the client wants to delete from the specified store.

This ID can be obtained by enumerating firewall rules using RRPC_FWEnumFirewallRules (Opnum 9) where the ID is returned in the FW_RULE2_0 structure.

Return Values: The method returns 0 if successful; if failed, it returns a nonzero error code. The field can take any specific error code value, as specified in [MS-ERREF]. The following are common.

Return value/code	Description
0x00000032 ERROR_NOT_SUPPORTED	The specified store does not support this method; the store might be read-only.
0x00000005 ERROR_ACCESS_DENIED	The hPolicyStore handle was not opened with read/write access rights. The error is also returned if the client does not have the required credentials to call the method.
0x00000002 ERROR_FILE_NOT_FOUND	The specified rule referenced by the wszRuleID member string of the FW_RULE data type is not found in the policy store.

Return value/code

Description

0x00000032

ERROR_NOT_SUPPORTED

The specified store does not support this method; the store might be read-only.

0x00000005

ERROR_ACCESS_DENIED

The hPolicyStore handle was not opened with read/write access rights. The error is also returned if the client does not have the required credentials to call the method.

0x00000002

ERROR_FILE_NOT_FOUND

The specified rule referenced by the wszRuleID member string of the FW_RULE data type is not found in the policy store.

Exceptions Thrown: No exceptions are thrown beyond those thrown by the underlying RPC protocol, as specified in [MS-RPCE]. If any lower-layer errors are reported by RPC exception, this exception is converted to an error code and reported to higher-layer protocols via the return value.

This method deletes a firewall rule already stored in the firewall linked list of the memory representation of the store being modified. It uses this list to determine if the rule exists or not. It also writes through and deletes the rule from disk. If called on an online store, the removal of the firewall rule is also enforced.

The server MUST validate that the client is authorized to perform the requested operation (as defined in section 3.1.4) before executing this method.

Share via

3.1.4.8 RRPC_FWDeleteFirewallRule (Opnum 7)

Additional resources